E-mail

Overview

Students will explore the security of e-mail, disposable e-mail accounts and use a secure e-mail system.

Purpose

E-mail is one of the most-used forms of communication. How secure are the systems that we use daily and what are the implications of insecure systems?

We will also look at alternatives that would ensure security?

Objectives

Students will be able to:

• Identify security issues related to common e-mail systems.
• Use a disposable, temporary e-mail system
• Apply principles of secure e-mail through the PGP email system.

Preparation

• Ensure the sites used in this exploration are not blocked by your school.

Links

• For the Teacher
• For the Students

Vocabulary

Teaching Guide

Getting Started:

• TED Talk - Think Your E-Mail is Private? Think Again.
  • http://www.ted.com/talks/andy_yen_think_your_email_s_private_think_again?language=en
• Gmail – Email Data Mining
  • http://www.huffingtonpost.com/2013/09/05/gmail-ads-email-scanning_n_3871246.html

Explore:

Temporary, Disposable E-Mail

• Guerrilla Mail - https://www.guerrillamail.com/
• Temp Mail - https://temp-mail.org/en/
• Fake Inbox - http://www.fakeinbox.com/
• Nada - https://getnada.com/

Activity:

Install and send a message using PGP. http://openpgp.org/

• There are many options for using PGP, try different ones and see how they work together.

Activity:

Send e-mail using Python.

• Look at your email server settings.
• Update the info in the Python file.
• sendEmail.py
  • Can you email multiple people?
  • Could you pull the list of people to email from an external file?
  • How can you personalize the email for the recipient?

Wrap-up

Discussion:

• What could you do to ensure privacy when sending e-mail?
• What expectation of privacy do you have when sending e-mail?
• If you had a secret message to send, how would you do it?
• How could you automate e-mailing many people?

Assessment Questions

• Why do e-mail services “read” your e-mail? What is their goal?
• How does PGP secure e-mail differently than GMail?
• Why don’t people use services like PGP more often?
• What is phishing?
• What is spear-phishing?

Extended Learning

Visit site (Have I Been Pwned?)[https://haveibeenpwned.com/] to see if your account has been compromised.

Standards Alignment

License

Cyber Security Curriculum is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.